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Security 


Abstract: The Automated Teller Machine, also known 
as an ATM, has become the most common method by 
which individuals withdraw cash for their own use. The 
transactions that people conduct through the ATM ought 
to be protected, and the particulars ought to be kept 
private. Facial recognition will be used as the method of 
user authentication in this project so that Automated 
Teller Machine (ATM) transactions will be protected 
from fraudulent activities. The image of the account 
holder's face, as well as the faces of any beneficiaries, 
must be taken in well-lit conditions and then saved on a 
central server for face recognition to work. A camera is 
positioned within the automated teller machine (ATM) 
in such a way that it can take a picture of the person who 
is currently using it. After comparing the face of the 
cardholder to the account holder and beneficiaries, the 
system moves on to the PIN Validation step after 
recognising the cardholder's identity 
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Introduction 


When applied to the computer vision problem of human face recognition, a set of eigenvectors is 
called "eigenfaces." Sirovich and Kirby (1987) created the Eigenfaces method for recognition, which 
has been used by Matthew Turk and Alex Pentland for face classification [1]. The high-dimensional 
face image vector space is used to calculate the covariance matrix, from which the eigenvectors are 
calculated. The Eigenfaces provide a fundamental group of images from which to generate the 
covariance matrix [2-7]. This decreases the number of dimensions needed to represent the original 
training images, as the smaller set of basis images can do so. Comparisons of how different faces are 
represented in the basis set allow for classification. The process of facial recognition divides the data 
from images into distinct categories (persons) [8-15]. Although the input images are not completely 
random, they do have significant variation due to factors such as lighting and pose. All input signals 
share common characteristics despite their unique characteristics. Examples of universal patterns that 
can be observed in any signal include the presence of specific anatomical features (eyes, nose, mouth) 
in any given face and the distances between them [16-21]. Eigenfaces are the technical term for these 
distinguishing characteristics in the field of facial recognition (or principal components generally). 
Principal Component Analysis is a mathematical method for obtaining them from raw image data 
(PCA) [22-26]. 


Using principal component analysis (PCA), each image in the training set can be converted into an 
eigenface. By summing up the eigenfaces, PCA allows for the reconstruction of any image in the 
training set [27-31]. Keep in mind that eigenfaces are simply distinctive features of the faces. 
Therefore, the original face image can be reconstructed from eigenfaces by summing all the eigenfaces 
(features) together in the correct proportion. Some features of the face may or may not be present in 
the original image, but those features are all that are represented by each eigenface [32-37]. 


The proportion of an Eigen face's contribution to the "sum" of the Eigenfaces should increase if the 
corresponding feature is more pronounced in the original image. If the opposite is true, then that detail 
was likely added later and is not visible in the original image. A smaller (or null) contribution from the 
corresponding eigenface to the total number of eigenfaces is desired [38-41]. Therefore, a weighted 
sum of all eigenfaces must be constructed in order to reconstruct the original image from the 
Eigenfaces. Each eigenface contributes a certain amount to the final reconstructed image. The value of 
this weight indicates how prevalent the individual feature (eigenface) was in the base image [42-49]. 
Reconstructing the original images from the eigenfaces alone is possible if all the eigenfaces are used. 
However, a subset of the eigenfaces can be used instead. If this is the case, the reconstructed image 
will be close to the original. However, by leaving out certain eigenfaces, one can guarantee that losses 
are kept to a minimum [50]. To achieve this, we prioritise only the most essential characteristics 
(eigenfaces). Since computational resources are limited, eigenfaces must be ignored [51-57]. 


What does this have to do with biometrics? The fact that you can do both face extraction and eigenface 
extraction from a given set of weights is a hint [58-63]. The opposite approach would be to derive the 
weights from the eigenfaces and the target face. These values tell us exactly how dissimilar the target 
face is to the "typical" faces reflected by the eigenfaces, and nothing else. As a result, with these 
numbers, we can learn two very significant things [64-69]. 


Check to see if there is a face in the image. If the image's weights are drastically different from the 
weights of known face images, then it is unlikely to be a face [70-75]. Images of faces that are similar 
to one another share certain characteristics (eigenfaces) to a high degree (weights). Images can be 
organised into clusters using extracted weights from all available images. Similar faces are more likely 
to appear in all images with similar weights. Python, developed by Guido van Rossum and first 
released in 1991, is a popular high-level programming language used for a wide variety of purposes 

[76-81]. Python is an interpreted language with a design philosophy that prioritises code readability 
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(most notably, it makes use of whitespace indentation to delimit code blocks rather than curly braces 
or keywords) and a syntax that enables programmers to express concepts in fewer lines of code than is 
possible in languages like C++ or Java. The language's features are meant to facilitate the creation of 
comprehensible programmes of varying sizes [82-87]. 


Review of Literature 


Python is a flexible programming language that can be used for a wide range of projects due to its 
dynamic type system and built-in support for automatic memory management and programming styles 
like OOP, FP, and procedural code. It comes with a large and complete set of industry-standard books 
[88-101]. Python is a multi-paradigm language, meaning that it supports more than one style of 
programming. Object-oriented programming and structured programming are both fully supported, 
and the language also offers extensive support for aspect-oriented programming [102-109]. Extensions 
allow for the use of many different paradigms, such as design by contract and logic programming. 
Python's memory management is based on dynamic typing, reference counting, and a garbage 
collector that can detect cycles [110-115]. Python's dynamic name resolution (late binding) is a 
powerful feature that binds the names of methods and variables as the programme runs [116]. 


Python does away with the need for curly braces and keywords in favour of indentation to separate 
code blocks. After certain statements, the indentation level rises; when it falls, the current block ends. 
This aspect is also known as the "off-side rule" in some contexts [117-119]. 


The equals sign (token '=') in an assignment statement. This fundamental mechanism (including the 
nature of Python's version of variables) sheds light on a wide range of other language features and 
operates differently than in conventional imperative programming languages. To assign a value to a 
variable in C, as in x = 2, means to store the value 2 in the variable with the name x [120-127]. The 
right-hand value is copied into the memory location whose name is represented by the left-hand 
variable. The size of the variable's allocated memory is appropriate for the declared type. Using the 
same example, the simplest form of assignment in Python is x = 2, which means "(generic) name x 
receives a reference to a separate, dynamically allocated object of numeric (int) type with value 2." We 
connect the name to the thing by doing this [128-133]. It is incorrect to refer to the storage location by 
its name, since it does not contain the specified value. In the future, names can refer to anything from 
strings to procedures to complex objects with data and methods, and everything in between [135-138]. 


Because statements cannot be included in expressions, expressions such as lists, other 
comprehensions, and lambda expressions cannot contain statements [139-143]. The conditional 
expression of a conditional statement cannot contain an assignment statement like a = 1, as an 
example. As a result, you won't make the common C mistake of confusing the assignment operator = 
with the equality operator == in a condition. While the C code if (c = 1) ... is valid syntax (albeit 
unintentional), the Python code if (c = 1):... is not [144-149]. 


Methodology 


The syntax instance.method(argument) is syntactic sugar for Class.method, which refers to a function 
that is attached to an object's class (instance, argument). In contrast to other object-oriented languages 
(e.g., C++, Java, Objective-C, or Ruby), Python's methods use an explicit self parameter to access 
instance data. One of Python's many strengths is its extensive standard library, which includes a wide 
variety of useful tools. This is on purpose, and is part of Python's "batteries included" philosophy. 
Internet-facing applications can use a wide variety of common file formats and communication 
protocols (like MIME and HTTP) [150-157]. Modules for GUI design, database connectivity, random 
number generation, floating-point arithmetic, regular expression manipulation, and unit testing are all 
provided. As of November 2016, over 92,000 packages offering a wide range of functionality were 

available from the Python Package Index, the official repository containing third-party software for 
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Python [158-167]. If the terminal in question is linked to the main database, then the online PIN will 
be verified. In banks, the customer's PIN is checked against both the reference PIN and the customer's 
own PIN. One drawback is that if the network goes down, the ATM can't be used until the problem is 
fixed [168-171]. 


Result 


The ATM is not linked to a centralised database in off-line PIN validation. Off-line PIN validation 
necessitates that the ATM be able to check the entered PIN against a stored reference PIN. The 
terminal needs cryptographic processing power and access to appropriate encryption keys. The off-line 
verification method is painfully sluggish and ineffective. Since ATMs can now connect to a central 
server via secure wireless networks, offline PIN validation is no longer necessary [172-177]. 


In order to carry out a high-security interchange transaction, one of three PIN procedures must be 
followed. A secret cryptographic key is used to encrypt the supplied PIN at the entry terminal. The 
PIN, along with other transaction details, is sent to the acquirer's system in an encrypted format. From 
there, the acquirer's system sends the encrypted PIN to the HSM [178-181]. 


The secret number is revealed there. When an interchange cryptographic key is decrypted, it is 
immediately re-encrypted and sent to the issuer's system via the usual channels of communication. 
Finally, the routed PIN is validated using online local PIN validation techniques after being decrypted 
in the issuer's security module [182-185]. 


Message authentication, also known as "ZONE ENCRYPTION," is one of several transaction methods 
used in shared ATMs for PIN encipherment. In this system, a reliable third party is designated to act 
on behalf of a consortium of financial institutions to facilitate the exchange of messages regarding the 
approval of ATM payments [186-191]. 


Maintaining secure connections between financial institutions and ATMs requires a cryptographic 
module, also known as a security module. The safety component was built to withstand attempts at 
modification. Multiple tasks, including PIN verification, PIN translation during exchange, Key 
management, and message authentication, are handled by the security module. Since the security 
module can convert PINs to the interchangeable format, their use raises security concerns. 
Additionally, the security module creates, stores, and guards all user network keys [192-196] . 


User-provided personal verification information is the first step in the personal verification process. A 
personal identification number (PIN) and the customer's banking details are stored in this manner. 
Skimming is a form of credit card theft in which criminals use a miniature device to steal card details 
during a seemingly legitimate credit or debit card transaction [197-199]. 


A skimmer is a device that records information from the magnetic strip of a credit or debit card as the 
card is swiped through it. Online or with fake credit cards, thieves use the stolen information to make 
unauthorised purchases. 


Some employees in retail and dining establishments who regularly handle credit cards are occasionally 
recruited to join a skimming ring. During a routine transaction, these employees will use a portable 
device to steal your credit card information. For instance, we commonly use credit cards to pay the bill 
at restaurants. The waiter takes our credit cards and walks away, providing a dishonest waiter with a 
perfect opportunity to steal our money using a credit card skimmer. 


The information can then be used to make fraudulent purchases in person using a cloned credit card, 
online using the victim's account, or resold online. 


295 | Published by “ CENTRAL ASIAN STUDIES" http://www.centralasianstudies.org 


Copyright (c) 2023 Author (s). This is an open-access article distributed under the terms of Creative Commons 
Attribution License (CC BY).To view a copy of this license, visit https://creativecommons.org/licenses/by/4.0/ 


CAJMNS Volume: 04 Issue: 03 | May-Jun 2023 


Bank robbery that involves the systematic theft of money from ATMs is called an ATM looting. The 
criminals conduct their plunder by using identity theft to fabricate counterfeit debit cards using the 
banking information of unsuspecting victims. 


Discussion and Finding 


We propose a solution to the aforementioned security issues. We have improved the safety and 
reliability of ATM withdrawals by adding a new layer of protection. Each bank account holder must 
have a valid e-mail id on file with the institution for our proposed system to work. In addition, 
multiple, well-lit photographs of the account holder's face are taken for processing purposes. In 
addition, the area around the ATM should be well-lit to facilitate quick and precise facial recognition. 
Our solution uses facial recognition technology to make using ATMs safer. The credit/debit card can 
only be used by the legitimate account holder. Those who choose to use this feature will have their 
accounts protected in a manner similar to online banking, but it is entirely voluntary. 


The account holder's face is all that's needed for facial recognition. At the bank's location, the image is 
captured for the first time from a number of different perspectives by bank officials. Some processing 
is applied to these captured images in order to extract facial features that can then be used for 
recognition. The finalised picture is kept in a data warehouse. If the user has enabled this function, the 
recognizer software will receive a live feed from the ATM's camera following a card swipe. Facial 
features will be extracted from the live feed after being detected by the recognizer. The facial features 
are extracted and compared to previously extracted and stored facial features. If the facial features 
don't match, the transaction is flagged as a "Unauthorized transaction" and denied. Otherwise, the 
transaction will be treated as "Authorized" and processed accordingly. After the card is swiped, the 
PIN is entered. 


When a customer opens an account with a specific bank, the primary process on the bank's end is the 
face registering process. The customer's face is photographed by the bank at a well-lit location and 
then used to determine who is permitted to use the account's ATM card. The eigenfaces are generated 
from the processed face scan. The captured image of the person is processed through dimension 
reduction to convert it from 2 Dimensional images to 1 Dimensional, thereby reducing the image size 
while maintaining the important characteristics used in the process. The Converted Eigenfaces are 
linked to the user's account in the central database, where they will be available for use in subsequent 
server operations. When a customer uses an ATM to withdraw money from their account, this action is 
taken. Here, the ATM's built-in cameras are used for face recognition in real time. The ATM will 
detect and record a live image of the user as soon as they approach the machine. 


To decrease the file size of the live image captured by the ATM, its dimensions will be converted to 
eigenvalues. This eigenface will be used to find a matching photo in the database. The live ATM 
image will be transformed into an eigenface through this procedure. The converted value will be 
compared to the person's preexisting eigenface value in the database. In this procedure, PCA is used. 
Face values will be matched using principal component analysis. 


If the card is used without the customer's permission and the PIN is attempted, a photo of the 
cardholder will be sent to the account holder via e-mail. Even though it's not a security boost, this will 
make sure that all transactions are recorded. The account holder can now visualise the fraudster in the 
event of fraudulent activity. It's also convenient in the event of a police report, as officers won't have 
to waste time waiting for the bank to release the relevant surveillance footage. The account holder's 
photo provides the police with a starting point for their investigation. 


Facial recognition for ATMs with an e-mailing feature was implemented in this project as a novel 
approach to strengthening ATM security. Our new system offers a secure cash machine. This makes it 
possible to put a stop to fraudulent activities. We can take our work in a number of exciting new 
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directions. Improved machine learning algorithms can process captured images of processes and store 
them in a central server for future recognition, speeding up and improving the accuracy of the 
recognition process. This allows for precision even in dim conditions. 


When a customer opens an account with a specific bank, the primary process on the bank's end is the 
face registering process. The customer's face is photographed by the bank at a well-lit location and 
then used to determine who is permitted to use the account's ATM card. The eigenfaces are generated 
from the processed face scan. The captured image of the person is processed through dimension 
reduction to convert it from 2 Dimensional images to 1 Dimensional, thereby reducing the image size 
while maintaining the important characteristics used in the process. The converted eigenfaces are 
linked to the user's account in the central database from which the servers can pull them for further 
processing. 


Conclusion 


When a customer uses an ATM to withdraw money from their account, this action is taken. Here, the 
ATM's built-in cameras are used for face recognition in real time. The ATM will detect and record a 
live image of the user as soon as they approach the machine. To decrease the file size of the live image 
captured by the ATM, its dimensions will be converted to eigenvalues. This eigenface will be used to 
find a matching photo in the database. The live ATM image will be transformed into an eigenface 
through this procedure. The converted value will be compared to the person's preexisting eigenface 
value in the database. In this procedure, PCA is used. If both the live and stored images have the same 
eigenface values, PCA can be used to match the face values. After that, they'll be able to withdraw 
cash from an ATM. The captured image and the user's E-Mail address will be sent to a blacklist if the 
user tries to access the system. 
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